At Agile Link we take privacy and security very seriously. This policy provides information on the various aspects relating to security, data backup and privacy and we encourage you to read this policy carefully as it will help you in making informed decisions about sharing your personal information with us and measures we take to ensure security is maintained at all times.
Who are we
We are Agile Link Limited, registered address at The Old Surgery, Ercall Heath, Newport, Shropshire, United Kingdom, TF10 8NH. We are the providers of online care management software service called “Alice” that gives organisations delivering outreach/community and residential care real-time visibility of various aspects related to operational, financial and process specific statuses.
Roles of parties
In regards to data processing Agile Link Limited are acting as data processors. Organisations referred to as “customers” use the software solution to deliver services for there customers referred to as data subjects throughout the policy. Customers act as data controllers.
Processing of personal information by Customers
Customers have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which customer acquired Personal Data.
Processing of personal information by Agile Link
Agile Link will always treat all personal data confidential and will put in place appropriate measures to securely protect any such data.
Your personal information
Agile Link Ltd will Process Personal Data as necessary to perform the online care management software service, and as further instructed by Customer in its use of the Services.
The service we offer gives users the ability to store personal information such as name, email address, phone number and other key identifiable personal information.
We also directly collect personal information when you:
- Use the service (mainly Alice) including sending us information for account setup and registration purposes
- Contact our helpdesk support team
- Or request online support via our helpdesk portal
- By using our service we may also collect some else’s personal information recorded by you. It is assumed that you have obtained the necessary authorisation from the individual or organisation to whom the data belongs to disclose the information to Agile Link without Agile Link taking any further steps required by applicable data protection or privacy laws, Agile Link may collect, use and disclose such information for the purposes described in this policy.
It is your responsibility to ensure reasonable steps are taken to ensure the individual concerned is aware of and/or consents to the various matters detailed in this policy including the fact that their personal information is being collected, the purposes of which that information is being collected, the intended recipients of that information, the individual’s right to obtain access to that information, Agile Links identity and how to contact Agile Link.
Where requested to do so by Agile Link, You must also assist Agile Link with any requests by the individual to access or update the personal information you have collected from them and entered into the Service.
Agile Link may use the personal information we have collected from you for purposes related to the services to the services including to:
- Authenticate your identity for the purposes of system access
- Manage the service
- Keep you updated with new services offered or changes made to existing service
- Resolve any technical support issues relating to the service
- Comply with laws and regulations in applicable jurisdictions and
- Communicate with you
By using the Service, You consent to your personal information being collected, held and used in this way and for any other use You authorise Agile Link will only use your personal information for the purposes described in this Policy or with your express permission.
It is your responsibility to keep your password to the Service safe. You should notify us as soon as possible if you become aware of any misuse of Your password, and immediately change your password within the Service or via the “Forgot your password” process.
By using the Service, You agree that Agile Link can access, aggregate and use non-personally identifiable data we have collected from you. This data will in no way identify you or any other individual. We may use this aggregated non-personally identifiable data to improve the service, inform and notify our customers with information relating to the uses and benefits of the service and understand how our customers are using the service..
Hosting and Data Storage
- Our services are provided via hosting facilities provided by AWS. All services hosted on servers are located in Ireland and will remain in Agile Links effective control at all times. AWS has no control or are they permitted to access or use your personal information except for storage purposes.
- By entering personal information into the service, you consent to that personal information being hosted on servers located in Ireland. If you do not want personal information to be stored on servers located in Ireland, you should not provide Agile Link with your personal information or use the service.
- From time to time Agile Link may use servers that are physically located outside Ireland but within Europe to cope with additional demand and load should the environment needs scaling up.
- Agile Link will only disclose the personal information you have provided to us to entities outside Agile Link if it is necessary and appropriate to facilitate the purpose for which your personal information was collected pursuant to this Policy, including the provision of the Service. Agile Link will not otherwise disclose your personal information to a third party unless you have provided your express consent. However, you should be aware that Agile Link may be required to disclose your personal information without your consent in order to comply with any court orders, subpoenas, or other legal process or investigation including by tax authorities, if such disclosure is required by law. Where possible and appropriate, we will notify you if we are required by law to disclose Your personal information.
- If it is deemed that any Agile Link employee, management (including founders) or employees from any third party contractor working alongside Agile Link is directly or indirectly affiliated with organisations within the care industry Agile Link is not obligated to grant access or disclose any information held unless Agile Link is reasonably satisfied that the objective of access to information will not cause negative conflict of interest.
Credit Card Data
No credit card data is stored by the service.
Accessing your personal information
- It is your responsibility to ensure that personal information you provide to us is accurate, complete and up to date. You may request access to you may request access to the information we hold about you, or request that we update or correct any personal information we hold about you, by setting out your request in writing and sending it to us at firstname.lastname@example.org. Agile Link will process your request as soon as reasonably practicable, provided we are not otherwise prevented from doing so on legal grounds. If we are unable to meet your request, we will let you know why. For example, it may be necessary for us to deny your request if it would have an unreasonable impact on the privacy or affairs of other individuals, or if it is not reasonable and practicable for us to process your request in the manner you have requested. In some circumstances, it may be necessary for us to seek to arrange access to your personal information through a mutually agreed intermediary (for example, the Subscriber).
- We’ll only keep your personal information for as long as we require it for the purposes of providing you with the Service. However, we may also be required to keep some of your personal information for specified periods of time, for example under certain laws relating to corporations, money laundering, and financial reporting legislation.
In providing the Service, Agile Link utilises “cookies”. A cookie is a small text file that is stored on Your computer for record-keeping purposes. A cookie does not identify You personally or contain any other information about You but it does identify Your computer. We may use a combination of “persistent cookies” (cookies that remain on Your hard drive for an extended period of time) and “session ID cookies” (cookies that expire when You close Your browser) to track usage. You can set your browser to notify You when You receive a cookie so that You will have an opportunity to either accept or reject it in each instance. However, You should note that refusing cookies may have a negative impact on the functionality and usability of the service.
You can opt-out of any email communications
From time to time Agile Link will send product information, Service updates and Service notifications to you via email. If you wish to be opted out you can send us requesting to be removed via email request to email@example.com
You are responsible for transfer of your data to third-party applications/external environments
For any queries in relation to any aspect of this policy or data requests (particularly around erasure), our data protection representative can be contacted via email at firstname.lastname@example.org.
We will endeavour to:
- provide an initial response to Your query or complaint within 10 business days, and
- investigate and attempt to resolve Your query within 30 business days or such longer period as is necessary and notified to you by our data protection representative.
Agile Link Ltd does not store any personal data that you upload to the software system (including documents and attachments) in an unencrypted form in any country outside of the European Economic Area (all EU member states, plus Iceland, Liechtenstein, and Norway).
Agile Link Ltd may employ the services of other Sub-processors to enable the effective provision of services. A list of these Sub-processors can be provided on request. Some of these Sub-processors may be located outside of the EEA, or may store data outside of the EEA. Where this is the case Agile Link Ltd will seek assurances that the locations where the Personal Data are stored are considered to have equivalent levels of protection as Personal Data that are stored within the EEA. This will usually be through the existence of a Data Processing Agreement, as well as either EU-US Privacy Shield certification or EU Model Contract Clauses.
Data breaches and Notifications
Agile Link shall immediately notify Customer without undue delay once it becomes aware of the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Customer Data, including Personal Data, transmitted, stored or otherwise Processed by Agile Link Ltd or its Sub-processors of which Agile Link Ltd becomes aware (a “Customer Data Breach Incident”). Agile Link Ltd shall make reasonable efforts to identify the cause of such Customer Data Breach Incident and take those steps as Agile Link Ltd deems necessary and reasonable in order to remediate the cause of such a Customer Data Breach Incident to the extent the remediation is within Agile Link Ltd’s reasonable control. The obligations herein shall not apply to incidents that are caused by Customer or Customer’s Users.
Agile Link is committed to protecting the security of your personal information and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure. Your personal information is stored on servers that sit behind firewalls that will block any unauthorised requests as soon as it is detected.
However, the Internet is not in itself a secure environment and we cannot give an absolute assurance that your information will be secure at all times. Transmission of personal information over the Internet is at your own risk and you should only enter, or instruct the entering of, personal information to the Service within a secure environment.
We will advise you at the first reasonable opportunity upon discovering or being advised of a security breach where your personal information is lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by any unauthorised persons or in any unauthorised manner.
We are committed to the security of your data and provide multiple layers of protection in-place.
Agile Link has in-place multiple layers of security controls that protect access to and within our environment. We partner with industry leading enterprise hosting partners to leverage their expertise inorder to protect our systems.
All data between you and Alice is encrypted using industry standard TLS (Transport Layer Security). All connections to Alice are made securely over https.
Agile Link’s servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house. These controls include 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. Agile Link maintains multiple geographically separated hosting environments to minimise the risk of data loss or outages.
You control access
As a Agile Link customer you have the flexibility to invite users into your account to collaborate on your data, and the person that holds the subscription has control over who has access and what they are able to do. Our customer support staff cannot access your information unless you invite them to help.
Agile Links has in-place processes that continuously monitors services via logs to identify and manage threats.
Constant updates and innovation
We’re constantly enhancing our services, delivering new features and performance improvements. Updates are delivered frequently, with the majority of them being delivered without interrupting our service and disrupting users.
Data Backup Statement
You must maintain copies of all Data inputted into the Service. Agile Link adheres to its best practice policies and procedures to prevent data loss, including a nightly system data back-up regime with a data retention of 7 days with backup copies stored across multiple replicated zones, but does not make any guarantees that there will be no loss of Data. Agile Link expressly excludes liability for any loss of Data no matter how caused.
In cases where data needs to be restored Agile Link will use best endeavours to ensure minimal data loss but cannot guarantee this will always be possible.
Agile Link will continually review and investigate procedures that may help improve and streamline data management and when processes are updated, agile link will update this policy with the details.
This policy may be updated from time to time. Agile Link reserves the right to change this Policy at any time, and any amended Policy is effective upon posting to this Website. Agile Link will make every effort to communicate any significant changes to You via email or notification via the Service. Your continued use of the Service will be deemed acceptance of any amended Policy.
Policy last updated: 23rd May 2018.